Add signature checking to supplementalCredentials USER_PROPERTIES str…

…uctures
dionach · Nov 8, 2017 · acee10c · acee10c
1 parent af324d6
commit acee10c
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/src/NtdsAudit/NTCrypto.cs b/src/NtdsAudit/NTCrypto.cs
@@ -241,6 +241,12 @@ public static Dictionary<string, byte[]> DecryptSupplementalCredentials(Dictiona
 
             var properties = new Dictionary<string, byte[]>();
 
+            // Check the property signature is equal to 0x50, and if not assume the structure is corrupt.
+            if (decryptedBlob.Length < 110 || BitConverter.ToUInt16(decryptedBlob, 108) != 0x50)
+            {
+                return properties;
+            }
+
             // If there are zero USER_PROPERTY elements, the length will be 0x6F
             if (decryptedBlob.Length == 0x6F)
             {

diff --git a/src/NtdsAudit/Properties/AssemblyInfo.cs b/src/NtdsAudit/Properties/AssemblyInfo.cs
@@ -32,6 +32,6 @@
 // You can specify all the values or you can default the Build and Revision Numbers
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("2.0.0.0")]
-[assembly: AssemblyFileVersion("2.0.0.0")]
+[assembly: AssemblyVersion("2.0.1.0")]
+[assembly: AssemblyFileVersion("2.0.1.0")]
 [assembly: CLSCompliant(true)]